network-controller-harvester
network-controller-harvester copied to clipboard
harvester
chore(deps): update module golang.org/x/net to v0.36.0 [security] (v1.5)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| golang.org/x/net | v0.33.0 -> v0.36.0 |
GitHub Vulnerability Alerts
CVE-2025-22870
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
Configuration
📅 Schedule: Branch creation - "" in timezone Asia/Taipei, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
ℹ Artifact update notice
File name: go.mod
In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):
- 5 additional dependencies were updated
Details:
| Package | Change |
|---|---|
golang.org/x/crypto |
v0.31.0 -> v0.36.0 |
golang.org/x/sync |
v0.10.0 -> v0.12.0 |
golang.org/x/sys |
v0.28.0 -> v0.31.0 |
golang.org/x/term |
v0.27.0 -> v0.30.0 |
golang.org/x/text |
v0.21.0 -> v0.23.0 |